
85 matches found

EUVD
added 2026/05/26 1:45 p.m., 7 views

EUVD-2026-31827

A vulnerability was identified in Das Parking Management System 停车场管理系统 6.2.0. This affects the function xp_cmdshell of the file ParkingRecord/ExportParkingRecords of the component API Endpoint. The manipulation of the argument Value leads to SQL injection. It is possible to initiate the attack...

7.5 CVSS, 6.9 AI score, 0.00012 EPSS
Exploits 0, References 4

CVE
added 2026/05/26 1:45 p.m., 9 views

CVE-2026-9551

CVE-2026-9551 affects Das Parking Management System 6.2.0. The vulnerability resides in the API Endpoint’s ParkingRecord/ExportParkingRecords function, specifically the xp_cmdshell component, where manipulating the Value argument causes a SQL injection. It is exploitable remotely and the exploit ...

7.5 CVSS, 6.9 AI score, 0.00012 EPSS
Exploits 0, References 4

NVD
added 2026/04/22 4:16 p.m., 2 views

CVE-2018-25272

ELBA5 5.8.0 contains a remote code execution vulnerability that allows attackers to obtain database credentials and execute arbitrary commands with SYSTEM level permissions. Attackers can connect to the database using default connector credentials, decrypt the DBA password, and execute commands v...

9.8 CVSS, 0.00111 EPSS
Exploits 0, References 3

Cvelist
added 2026/04/22 2:57 p.m., 23 views

CVE-2018-25272 ELBA5 5.8.0 Remote Code Execution via Database Access

ELBA5 5.8.0 contains a remote code execution vulnerability that allows attackers to obtain database credentials and execute arbitrary commands with SYSTEM level permissions. Attackers can connect to the database using default connector credentials, decrypt the DBA password, and execute commands v...

9.8 CVSS, 0.00111 EPSS
Exploits 0, References 3

CVE
added 2026/04/22 2:57 p.m., 2 views

CVE-2018-25272

ELBA5 5.8.0 contains a Remote Code Execution vulnerability via database access. The issue allows an attacker to obtain database credentials, decrypt the DBA password, and run commands with SYSTEM-level permissions. Exploitation could occur by connecting with default connector credentials and usin...

9.8 CVSS, 6.7 AI score, 0.00111 EPSS
Exploits 0, References 3

EUVD
added 2025/10/07 12:30 a.m., 2 views

EUVD-2020-4908

Malware in sbrugna...

9.8 CVSS, 9.2 AI score, 0.03636 EPSS
Exploits 0, References 2

EUVD
added 2025/10/03 8:7 p.m., 2 views

EUVD-2022-46701

Malicious code in bioql PyPI...

9.8 CVSS, 9.3 AI score, 0.00678 EPSS
Exploits 0, References 1

EUVD
added 2025/10/03 8:7 p.m., 2 views

EUVD-2022-46978

Malicious code in bioql PyPI...

9.8 CVSS, 9.2 AI score, 0.00857 EPSS
Exploits 3, References 2

RedhatCVE
added 2025/05/23 4:7 a.m., 6 views

CVE-2023-47261

Dokmee ECM 7.4.6 allows remote code execution because the response to a GettingStarted/SaveSQLConnectionAsync /#/gettingstarted request contains a connection string for privileged SQL Server database access, and xp_cmdshell can be enabled...

9.8 CVSS, 8.4 AI score, 0.02716 EPSS
Exploits 1

Packet Storm
added 2024/08/31 12:0 a.m., 163 views

Microsoft SQL Server Command Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Microsoft SQL Server Command Execution', 'Description' = %q This module will execute a Windows command on a MSSQL/MSDE instance via the xpcmdshel...

7.4 AI score
Exploits 0

The Hacker News
added 2024/01/09 1:45 p.m., 51 views

Turkish Hackers Exploiting Poorly Secured MS SQL Servers Across the Globe

Poorly secured Microsoft SQL (MS SQL) servers are being targeted in the U.S., European Union, and Latin American (LATAM) regions as part of an ongoing financially motivated campaign to gain initial access. "The analyzed threat campaign appears to end in one of two ways, either the selling of 'access'...

8.2 AI score
Exploits 0

Kitploit
added 2023/12/19 11:30 a.m., 24 views

PySQLRecon - Offensive MSSQL Toolkit Written In Python, Based Off SQLRecon

PySQLRecon is a Python port of the awesome SQLRecon project by @sanjivkawa. See the commands section for a list of capabilities. Install PySQLRecon can be installed with pip3 install pysqlrecon or by cloning this repository and running pip3 install . Commands All of the main modules from SQLRecon...

7.8 AI score
Exploits 0, References 7

OSV
added 2023/12/14 5:15 p.m., 1 view

CVE-2023-47261

Dokmee ECM 7.4.6 allows remote code execution because the response to a GettingStarted/SaveSQLConnectionAsync /#/gettingstarted request contains a connection string for privileged SQL Server database access, and xp_cmdshell can be enabled...

9.8 CVSS, 6.4 AI score
Exploits 0, References 2

Prion
added 2023/12/14 5:15 p.m., 20 views

Design/Logic Flaw

Dokmee ECM 7.4.6 allows remote code execution because the response to a GettingStarted/SaveSQLConnectionAsync /#/gettingstarted request contains a connection string for privileged SQL Server database access, and xp_cmdshell can be enabled...

7.5 CVSS, 8.7 AI score, 0.02716 EPSS
Exploits 1, References 2, Affected Software 1

Cvelist
added 2023/12/14 12:0 a.m., 16 views

CVE-2023-47261

Dokmee ECM 7.4.6 allows remote code execution because the response to a GettingStarted/SaveSQLConnectionAsync /#/gettingstarted request contains a connection string for privileged SQL Server database access, and xp_cmdshell can be enabled...

10 AI score, 0.02716 EPSS
Exploits 1, References 2

CVE
added 2023/12/14 12:0 a.m., 34 views

CVE-2023-47261

Dokmee ECM 7.4.6 is affected: a response from GettingStarted/SaveSQLConnectionAsync /#/gettingstarted exposes a privileged SQL Server connection string, potentially allowing xp_cmdshell to be enabled and leading to remote code execution. The incident is described across multiple sources (NVD, Red Hat, PRION, CN...

9.8 CVSS, 9.7 AI score, 0.02716 EPSS
Exploits 1, References 2, Affected Software 1

The Hacker News
added 2023/10/04 10:18 a.m., 43 views

Microsoft Warns of Cyber Attacks Attempting to Breach Cloud via SQL Server Instance

Microsoft has detailed a new campaign in which attackers unsuccessfully attempted to move laterally to a cloud environment through an SQL Server instance. "The attackers initially exploited a SQL injection vulnerability in an application within the target's environment," security researchers...

8.2 AI score
Exploits 0

Prion
added 2022/12/25 5:15 a.m., 17 views

SQL injection

An issue was discovered in Simmeth Lieferantenmanager before 5.6. An attacker can inject raw SQL queries. By activating MSSQL features, the attacker is able to execute arbitrary commands on the MSSQL server via the xp_cmdshell extended procedure...

7.5 CVSS, 9.8 AI score, 0.00857 EPSS
Exploits 3, References 1, Affected Software 1

CVE
added 2022/12/25 12:0 a.m., 52 views

CVE-2022-44015

CVE-2022-44015 affects the Simmeth Lieferantenmanager (Simmeth System GmbH) prior to version 5.6. The issue is a SQL injection vulnerability that allows an attacker to inject raw SQL queries. By activating MSSQL features, the attacker can execute arbitrary commands on the MSSQL server using the x...

9.8 CVSS, 9.9 AI score, 0.00857 EPSS
Exploits 3, References 1, Affected Software 1

CNVD
added 2022/12/14 12:0 a.m., 13 views

Siemens SICAM PAS/PQS Sensitive Information Plaintext Transfer Vulnerability

Siemens SICAM PAS/PQS is a software from Siemens with an operating system for energy automation and power quality. A security vulnerability exists in Siemens SICAM PAS/PQS versions prior to V7.0 due to the affected software transmitting database credentials for the built-in SQL server in clear...

9.8 CVSS, 9.8 AI score, 0.00678 EPSS
Exploits 0, References 1